(Classic ASP) Duplicate CSR Created by OpenSSL with Config.cnf

See more CSR Examples

Demonstrates how to duplicate a CSR created by the following commands:

# Generate Private Key
openssl ecparam -name secp256k1 -genkey -noout -out PrivateKey.pem

#Generate CSR
openssl req -new -sha256 -key PrivateKey.pem -extensions v3_req -config Config.cnf -out CSR.csr

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' This example duplicates the CSR created by OpenSSL with the following config file:

' oid_section = OIDs
' [ OIDs ]
' certificateTemplateName= 1.3.6.1.4.1.311.20.2
' 
' [ req ]
' default_bits 	= 2048
' emailAddress 	= it@example.sa
' req_extensions	= v3_req
' x509_extensions 	= v3_ca
' prompt = no
' default_md = sha256
' req_extensions = req_ext
' distinguished_name = dn
' 
' [ v3_req ]
' basicConstraints = CA:FALSE
' keyUsage = digitalSignature, nonRepudiation, keyEncipherment
' 
' [req_ext]
' certificateTemplateName = ASN1:PRINTABLESTRING:ZATCA-Code-Signing
' subjectAltName = dirName:alt_names
' 
' [ dn ]
' CN =EXAMPLE-CORP  				# Common Name
' C=SA									# Country Code e.g SA
' OU=HEAD-OFFICE							# Organization Unit Name
' O=ASC									# Organization Name
' 
' [alt_names]
' SN=1-ASC|2-V01|3-1234567890				# EGS Serial Number 1-ABC|2-PQR|3-XYZ
' UID=312345678900003						# Organization Identifier (VAT Number)
' title=1100								# Invoice Type
' registeredAddress=Dammam  	 			# Address
' businessCategory=IT						# Business Category

' The OpenSSL commands we are duplicating:

' openssl ecparam -name secp256k1 -genkey -noout -out PrivateKey.pem
' openssl req -new -sha256 -key PrivateKey.pem -extensions v3_req -config Config.cnf -out CSR.csr

' The 1st step is to actually use OpenSSL to generate a sample CSR.csr that we wish to duplicate.
' With the sample CSR.csr, we get the ExtensionRequest as XML.  
' For example:

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.StringBuilder")
set sbCsr = Server.CreateObject("Chilkat.StringBuilder")
success = sbCsr.LoadFile("qa_data/csr/openssl_cnf/CSR.csr","utf-8")
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( "Failed to load CSR.csr") & "</pre>"
    Response.End
End If

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Csr")
set csr0 = Server.CreateObject("Chilkat.Csr")
success = csr0.LoadCsrPem(sbCsr.GetAsString())
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( csr0.LastErrorText) & "</pre>"
    Response.End
End If

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Xml")
set xml0 = Server.CreateObject("Chilkat.Xml")
success = csr0.GetExtensionRequest(xml0)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( csr0.LastErrorText) & "</pre>"
    Response.End
End If

' Let's examine the extension request..
Response.Write "<pre>" & Server.HTMLEncode( xml0.GetXml()) & "</pre>"

' <?xml version="1.0" encoding="utf-8"?>
' <set>
'     <sequence>
'         <sequence>
'             <oid>1.3.6.1.4.1.311.20.2</oid>
'             <asnOctets>
'                 <printable>ZATCA-Code-Signing</printable>
'             </asnOctets>
'         </sequence>
'         <sequence>
'             <oid>2.5.29.17</oid>
'             <asnOctets>
'                 <sequence>
'                     <contextSpecific tag="4" constructed="1">
'                         <sequence>
'                             <set>
'                                 <sequence>
'                                     <oid>2.5.4.4</oid>
'                                     <utf8>1-ASC|2-V01|3-1234567890</utf8>
'                                 </sequence>
'                             </set>
'                             <set>
'                                 <sequence>
'                                     <oid>0.9.2342.19200300.100.1.1</oid>
'                                     <utf8>312345678900003</utf8>
'                                 </sequence>
'                             </set>
'                             <set>
'                                 <sequence>
'                                     <oid>2.5.4.12</oid>
'                                     <utf8>1100</utf8>
'                                 </sequence>
'                             </set>
'                             <set>
'                                 <sequence>
'                                     <oid>2.5.4.26</oid>
'                                     <utf8>Dammam</utf8>
'                                 </sequence>
'                             </set>
'                             <set>
'                                 <sequence>
'                                     <oid>2.5.4.15</oid>
'                                     <utf8>IT</utf8>
'                                 </sequence>
'                             </set>
'                         </sequence>
'                     </contextSpecific>
'                 </sequence>
'             </asnOctets>
'         </sequence>
'     </sequence>
' </set>

' If you wish to generate the above XML without going through the above steps, copy the XML into
' the online tool at https://tools.chilkat.io/xmlCreate

' Here is the generated code for the above XML:

' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Xml")
set xml = Server.CreateObject("Chilkat.Xml")
xml.Tag = "set"
xml.UpdateChildContent "sequence|sequence|oid","1.3.6.1.4.1.311.20.2"
xml.UpdateChildContent "sequence|sequence|asnOctets|printable","ZATCA-Code-Signing"
xml.UpdateChildContent "sequence|sequence[1]|oid","2.5.29.17"
success = xml.UpdateAttrAt("sequence|sequence[1]|asnOctets|sequence|contextSpecific",1,"tag","4")
success = xml.UpdateAttrAt("sequence|sequence[1]|asnOctets|sequence|contextSpecific",1,"constructed","1")
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|oid","2.5.4.4"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|utf8","1-ASC|2-V01|3-1234567890"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|oid","0.9.2342.19200300.100.1.1"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|utf8","312345678900003"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|oid","2.5.4.12"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|utf8","1100"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|oid","2.5.4.26"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|utf8","Dammam"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|oid","2.5.4.15"
xml.UpdateChildContent "sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|utf8","IT"

' We'll need a new secp256k1 private key, so let's generate it.
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Ecc")
set ecdsa = Server.CreateObject("Chilkat.Ecc")
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Prng")
set prng = Server.CreateObject("Chilkat.Prng")
' privKey is a Chilkat.PrivateKey
Set privKey = ecdsa.GenEccKey("secp256k1",prng)
If (ecdsa.LastMethodSuccess = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( ecdsa.LastErrorText) & "</pre>"
    Response.End
End If

Response.Write "<pre>" & Server.HTMLEncode( "Generated secp256k1 private key.") & "</pre>"

' Use a new CSR object to generate a CSR with the private key and extension request.
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Csr")
set csr = Server.CreateObject("Chilkat.Csr")

' Add the [dn] fields
'  [ dn ]
'  CN =EXAMPLE-CORP  				# Common Name
'  C=SA									# Country Code e.g SA
'  OU=HEAD-OFFICE							# Organization Unit Name
'  O=ASC									# Organization Name
csr.CommonName = "EXAMPLE-CORP"
csr.Country = "SA"
csr.CompanyDivision = "HEAD-OFFICE"
csr.Company = "ASC"

' Add the extension request to the CSR
success = csr.SetExtensionRequest(xml)

' Generate the CSR with the extension request
csrPem = csr.GenCsrPem(privKey)
If (csr.LastMethodSuccess = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( csr.LastErrorText) & "</pre>"

    Response.End
End If

Response.Write "<pre>" & Server.HTMLEncode( csrPem) & "</pre>"

' Sample output:

' -----BEGIN CERTIFICATE REQUEST-----
' MIIBuDCCAV8CAQAwSDEVMBMGA1UEAwwMRVhBTVBMRS1DT1JQMQswCQYDVQQGEwJT
' QTEUMBIGA1UECwwLSEVBRC1PRkZJQ0UxDDAKBgNVBAoMA0FTQzBWMBAGByqGSM49
' AgEGBSuBBAAKA0IABFI5rusr76HiJcMMr1r4L0B0BOAs6azLkt/RwHoT6A0xFRRt
' tulWT40tNhx3qJ4I5ePNgMceOEtuK1kMGVTovI6ggbcwgbQGCSqGSIb3DQEJDjGB
' pjCBozAhBgkrBgEEAYI3FAIEFBMSWkFUQ0EtQ29kZS1TaWduaW5nMH4GA1UdEQR3
' MHWkczBxMSEwHwYDVQQEDBgxLUFTQ3wyLVYwMXwzLTEyMzQ1Njc4OTAxHzAdBgoJ
' kiaJk/IsZAEBDA8zMTIzNDU2Nzg5MDAwMDMxDTALBgNVBAwMBDExMDAxDzANBgNV
' BBoMBkRhbW1hbTELMAkGA1UEDwwCSVQwCgYIKoZIzj0EAwIDRwAwRAIgJnbgpSGb
' diB+0M1VTqc1GU9sFsfnOvVN/8WhWRRxQIwCIF5eH9vgMgXyoU284X8Bx3dqOJ4q
' xashGWci87POxSvT
' -----END CERTIFICATE REQUEST-----

%>
</body>
</html>